TABLE OF CONTENTS
- What high level capabilities does Cylitic perform?
- Should I remove my current antivirus solution?
- Do I need to remove my existing encryption solution?
- What data does Cylitic see and analyze?
- Can the tools interrupt my workflow?
- How can I access the Cylitic Vue Portal?
- Why does DNS on the endpoints now use 127.0.0.1, and how does internal name resolution work?
- What can we expect after installing the package?
- Can we use SCCM to deploy Cylitic?
- Do I have to manage the service?
- Is there a technical way I can verify Cylitic is installed on a system?
- I noticed DNS Crypt, is this part of Cylitic?
What high level capabilities does Cylitic perform?
- Cylitic Security delivers fully managed protection for your practice. This includes:
Next Generation Antivirus (NGAV)
Endpoint forensics and threat detection
Web security and malicious site blocking
Endpoint encryption monitoring
Our security analysts monitor your environment and can respond in real time if something suspicious happens. The goal is simple: layered, enterprise-grade protection designed specifically for small to mid-sized physician practices.
Should I remove my current antivirus solution?
- Yes. Running two antivirus solutions at the same time can cause performance issues and may actually reduce effectiveness.
Before installing Cylitic, please uninstall any existing antivirus software to ensure everything runs smoothly.
Do I need to remove my existing encryption solution?
- No. Cylitic does not install its own disk encryption software. Instead, we check whether encryption is enabled and help ensure it is properly configured. If you already have encryption in place, you can keep it.
What data does Cylitic see and analyze?
- Cylitic only sees security-related telemetry from the tools we deploy. For example:
Malware that was blocked
Malicious websites that were prevented
Number of systems protected
System security status
We do not see or access Personally Identifiable Information (PII) or Protected Health Information (PHI) stored on your systems.
Can the tools interrupt my workflow?
- Our goal is zero disruption.
- During onboarding, we review and allow legitimate applications to prevent interference with daily operations.
- In rare cases where something needs adjustment, our support team is available 24/7. You can reach us anytime at: support@cylitic.com or (800) 260-8124
How can I access the CyliticVue Portal?
- You can access the CyliticVue Portal at: https://vue.cylitic.com/
- If you do not yet have an account, ask a colleague to send you an invitation or contact support@cylitic.com for assistance.
I installed Cylitic on a computer but it does not show up as managed in the CyliticVue Portal
- Ensure you have the latest installer downloaded and run it again as Administrator. A log is created in “C:\Program Files\Cyd\log.txt” that will provide more information. If it does not make the endpoint appear as managed in a few hours contact support@cylitic.com with the hostname of the computer and attach the log.txt file.
How does Cylitic detect “unmanaged” computers and how do I find them?
- Cylitic does distributed network scans periodically to find systems we are not installed on. During this process known systems that cannot be managed, i.e smartphones, printers and networking equipment are filtered out. In some cases certain network connected equipment use network interfaces that give off the appearance of being a desktop. If the hostname of an unmanaged system is not known via scans, a device will show up as “UNMANAGED SYSTEM.” By clicking on the Systems tab and the specific unmanaged system you can see the MAC address, NAT IP address and network ip address to help you identify a device. If a device is found to be unmanagable please contact support to exclude it from your report.
Why does DNS on the endpoints now use 127.0.0.1, and how does internal name resolution work?
- A local process on each computer runs and listens for DNS requests on the local loopback address (127.0.0.1).
- The local process performs some security checks and performs resolution redirection based on the name that is being resolved.
- Any domain names that are related to active directory, and any domains that end in .local will continue to use internal DNS resolvers.
- Any domain names that are external will use the Cisco umbrella external resolvers.
What can we expect after installing the package?
- The installation package downloads and installs three different programs. Those programs are Cisco Umbrella, Sentinel One, and Tanium.
- The Umbrella installer will change the DNS server settings on the endpoint to 127.0.0.1.
- Tanium and Sentinel One will perform some system profiling steps right after the initial installation and this may cause larger than normal CPU consumption, but this should only be the case for 3 hours or less.
Can we use SCCM to deploy Cylitic?
- Yes. If you use Microsoft SCCM or another remote deployment tool, we can provide an MSI package for deployment. There is one additional step involving a registry key. Please contact support@cylitic.com if you would like the deployment package and instructions.
Do I have to manage the service?
- No. Cylitic is fully managed. Our team continuously monitors and maintains the service. There is no configuration or ongoing management required from you.
Is there a technical way I can verify Cylitic is installed on a system?
- You can check for the presence of the following directories:
Windows 32 bit: \Program Files\Tanium\Tanium Client\ Windows 64 bit: \Program Files (x86)\Tanium\Tanium Client\ macOS: /Library/Tanium/TaniumClient Linux/Unix: /opt/Tanium/TaniumClient
I noticed DNS Crypt, is this part of Cylitic?
- Yes, Cisco Umbrella is included in Cylitic Security suite to conduct web inspection and block network threats. Cisco Umbrella utilizes DNS Crypt in order to encrypt system DNS traffic.